Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2024-52301 |
CWE-ID | CWE-254 |
Exploitation vector | Network |
Public exploit | Public exploit code for vulnerability #1 is available. |
Vulnerable software | Laravel Framework (Client/Desktop applications / Software for system administration) |
Vendor | Laravel LLC |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
EUVDB-ID: #VU100356
Risk: Medium
CVSSv4.0: 2.9 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2024-52301
CWE-ID: CWE-254 - Security Features
Exploit availability: Yes
Description: The vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists because the application allows environment variable manipulation when the register_argc_argv PHP directive is set to On. A remote attacker can request any URL with a specially crafted query string and alter the values of environment variables. This can result in disclosure of sensitive information and potential unauthorized data manipulation.
Install updates from the vendor's website.
Vulnerable software versions: Laravel Framework: 4.0.0 - 11.30.0
External link: https://github.com/laravel/framework/security/advisories/GHSA-gv7v-rgg6-548h
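The mechanism described above, as an added illustration in PHP (not Laravel's code or its fix): with register_argc_argv enabled, PHP fills $_SERVER['argv'] from the query string on web requests, so code that reads CLI-style options from argv must ignore it outside the CLI SAPI. The option name --mode, the function names and the sample $_SERVER array are constructed for this example.

```php
<?php
// Added illustration, not Laravel's code. The weak pattern reads
// $_SERVER['argv'] regardless of SAPI; with register_argc_argv=On the
// web SAPIs populate that array from the query string, so request data
// can masquerade as command-line options.

/** Weak: trusts argv-derived options even while serving an HTTP request. */
function modeFromArgvWeak(array $server, string $default = 'production'): string
{
    foreach ($server['argv'] ?? [] as $arg) {
        if (str_starts_with($arg, '--mode=')) {
            return substr($arg, strlen('--mode='));
        }
    }
    return $default;
}

/** Hardened: argv is only meaningful for the command-line SAPI. */
function modeFromArgvHardened(array $server, string $sapi, string $default = 'production'): string
{
    if ($sapi !== 'cli') {
        return $default;   // ignore argv entirely for web requests
    }
    return modeFromArgvWeak($server, $default);
}

/** Audit helper: true when a web SAPI runs with register_argc_argv enabled. */
function registerArgcArgvExposed(): bool
{
    return PHP_SAPI !== 'cli'
        && filter_var(ini_get('register_argc_argv'), FILTER_VALIDATE_BOOLEAN);
}

// Constructed sample of what $_SERVER can carry for an HTTP request when the
// directive is on: the query string has been split into argv entries.
$webServer = ['argv' => ['--mode=debug'], 'REQUEST_METHOD' => 'GET'];

var_dump(modeFromArgvWeak($webServer));                  // request-controlled
var_dump(modeFromArgvHardened($webServer, 'fpm-fcgi'));  // default kept
var_dump(modeFromArgvHardened($webServer, 'cli'));       // CLI still honours it
var_dump(registerArgcArgvExposed());
```

Running the audit helper under the web SAPI of each deployment is a quick way to confirm the directive is off even after the framework update is applied.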
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.